Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/FoZfVXMjoAKdPeMwLyUHR6C_QNw.roa
File: FoZfVXMjoAKdPeMwLyUHR6C_QNw.roa (raw, json)
Hash identifier: kgLhWEETF8FWs5EZgP8rHLlIOvSHgI4IAUFImCQiMQ4=
Subject key identifier: 16:86:5F:55:73:23:A0:02:9D:3D:E3:30:2F:25:07:47:A0:BF:40:DC
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7FB5C9F5A1DE07128A6F2C8D63B40450
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/FoZfVXMjoAKdPeMwLyUHR6C_QNw.roa
Signing time: Tue 06 Feb 2024 18:37:16 +0000
ROA not before: Tue 06 Feb 2024 18:37:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197761
IP address blocks: 2a0f:b241:129::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:b5:c9:f5:a1:de:07:12:8a:6f:2c:8d:63:b4:04:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 18:37:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=16865f557323a0029d3de3302f250747a0bf40dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:16:93:1d:c9:9d:2a:12:39:40:ca:ef:7a:55:
00:62:5b:e7:df:2c:af:b7:e9:8a:eb:2b:7d:c6:47:
f3:27:21:3f:5c:a6:c0:f6:93:9f:b4:71:9c:17:0e:
47:1a:10:fa:4e:a3:38:1b:fc:b9:11:b6:2d:8d:21:
c5:9a:40:6e:01:d9:30:70:64:54:a5:c0:b2:50:0d:
82:77:cb:04:39:7d:f6:d4:05:ed:92:7f:c1:60:5d:
ad:25:be:51:4c:80:78:9f:14:0a:3e:38:2c:b7:ee:
88:8b:b9:f7:ba:57:1e:1e:e1:c6:d9:07:b3:bf:3b:
8a:87:3c:08:d4:54:90:e4:ed:d2:b3:36:8c:35:10:
64:b5:d9:b7:a0:32:ed:84:e1:24:be:c8:ec:13:a1:
3c:0f:79:8e:17:58:bd:de:75:2c:e5:36:50:33:fb:
50:4e:87:7b:15:09:5a:95:cf:f5:a9:8c:9a:61:f8:
7b:fa:8c:b3:35:22:e9:ef:70:81:a8:5d:93:92:15:
80:ef:d8:7e:71:cd:01:1f:f1:e5:df:6f:87:84:ef:
73:8d:a9:1d:83:1c:af:44:f8:c5:9f:db:4a:06:d5:
b1:85:98:a5:e3:ea:92:d7:cf:a8:be:af:3c:79:b1:
99:84:33:e6:ed:b4:20:0d:67:00:97:a1:33:a2:5e:
62:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:86:5F:55:73:23:A0:02:9D:3D:E3:30:2F:25:07:47:A0:BF:40:DC
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/FoZfVXMjoAKdPeMwLyUHR6C_QNw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:129::/48
Signature Algorithm: sha256WithRSAEncryption
7c:c0:d4:66:eb:3c:76:ec:9f:92:61:79:42:52:74:4b:1e:60:
01:ac:97:8a:ae:3b:33:03:e2:f5:ef:d8:d8:fa:a6:18:78:4a:
95:b7:67:35:44:5e:a9:64:09:bc:8e:ea:de:2c:06:17:39:f8:
29:a3:66:1e:01:1e:e4:5d:30:35:0a:49:84:24:e5:b7:d9:74:
89:92:85:f8:98:ba:e3:3b:80:35:76:40:c6:50:0c:08:d8:28:
b0:05:73:d9:75:6e:4a:98:27:f6:a8:a8:ef:36:3c:27:fc:55:
57:f7:3e:c4:ae:38:e5:79:31:c1:41:c8:81:08:a6:d5:b5:4c:
a5:47:50:fd:04:2f:b6:79:f9:1f:84:3e:a8:98:ce:95:21:f4:
4e:e4:8a:e8:ae:c0:7d:d8:82:a9:03:d7:7d:81:40:a8:f3:cc:
b6:d4:3d:65:16:e9:ba:2a:f1:6f:ba:98:3b:5c:56:9f:38:0f:
eb:9d:dd:aa:a7:da:8b:e7:11:81:3f:eb:2d:39:9b:20:06:70:
1e:30:21:04:81:70:b7:22:db:e3:ee:7f:37:15:47:69:a3:88:
72:9c:10:27:5b:0b:ef:58:e2:26:89:16:3e:91:ca:81:a8:5c:
9c:ed:fa:db:68:e5:21:cf:d3:94:f0:6c:f8:ad:7c:ea:1d:25:
46:03:83:a1
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/tcn1od4HEopvLI1jtARQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgzNzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjg2NWY1NTczMjNhMDAyOWQzZGUzMzAyZjI1MDc0N2EwYmY0MGRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArRaTHcmdKhI5QMrvelUAYlvn3yyv
t+mK6yt9xkfzJyE/XKbA9pOftHGcFw5HGhD6TqM4G/y5EbYtjSHFmkBuAdkwcGRU
pcCyUA2Cd8sEOX321AXtkn/BYF2tJb5RTIB4nxQKPjgst+6Ii7n3ulceHuHG2Qez
vzuKhzwI1FSQ5O3SszaMNRBktdm3oDLthOEkvsjsE6E8D3mOF1i93nUs5TZQM/tQ
Tod7FQlalc/1qYyaYfh7+oyzNSLp73CBqF2TkhWA79h+cc0BH/Hl32+HhO9zjakd
gxyvRPjFn9tKBtWxhZil4+qS18+ovq88ebGZhDPm7bQgDWcAl6Ezol5ihQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFBaGX1VzI6ACnT3jMC8lB0egv0DcMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvRm9aZlZYTWpvQUtkUGVNd0x5VUhSNkNfUU53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQEp
MA0GCSqGSIb3DQEBCwUAA4IBAQB8wNRm6zx27J+SYXlCUnRLHmABrJeKrjszA+L1
79jY+qYYeEqVt2c1RF6pZAm8jureLAYXOfgpo2YeAR7kXTA1CkmEJOW32XSJkoX4
mLrjO4A1dkDGUAwI2CiwBXPZdW5KmCf2qKjvNjwn/FVX9z7ErjjleTHBQciBCKbV
tUylR1D9BC+2efkfhD6omM6VIfRO5IrorsB92IKpA9d9gUCo88y21D1lFum6KvFv
upg7XFafOA/rnd2qp9qL5xGBP+stOZsgBnAeMCEEgXC3Itvj7n83FUdpo4hynBAn
WwvvWOImiRY+kcqBqFyc7frbaOUhz9OU8Gz4rXzqHSVGA4Oh
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:11 2024 by rpki-client on console-fra.rpki-client.org